You don’t. But you don’t get to make that decision for everyone you talk to. People /erroneously/ think they do, so it has become impossible to participate in a public discussion without Cloudflare in the loop.

FOSDEM 2026 demonstrates this embarrassment. Every single FOSDEM talk this year has a link to matrix.to (Cloudflare). Even if your own account is CF-independent, the rest of the crowd who you correspond with is not. You cannot isolate yourself from Cloudflare and also participate in FOSDEM rooms. That’s not ETS.

Aww, sweety, don’t you know written statutes, compliance, and enforcement are all different things?

When this disappears, you can tell all your friends at school that there is “no law any more[sic]” (just like your parent told you), and become popular at your school. Until then, please run along and play with your friends. This conversation is for grown ups.

Which country do you have experience with?

International rail and bus lines have this problem. They have price X for online tickets, and price X+Y (where Y>0 and often Y>X) for cash payers. Flixbus (Germany) and OUIGO (France) both do this.

Some countries force payments by bank transfer. The only way to make such a payment with cash is to hire the post office, who charges a fee. Indeed you cannot even pay your tax in cash in some countries without paying an extra fee.

The cheapest Internet subscription offer often mandates electronic payment – even if the ISP has a physical presence. In that case you can only pay cash via the post office, which adds their fee.

Whether it’s a good idea to present the DL to ICE depends on whether there is a legal obligation to do so – hence the question about jurisdiction.

If you legally must present a state DL on-demand to feds, then it’s a question of consequences. Refusing to present your DL to a local cop who pulls you over could probably lead to legit confiscation (effectively, loss of driving privs). If the feds take your DL and it’s unlawful, then the confiscation has no legal effect because you are still licensed to drive. You would just have the inconvenience of reporting a stolen ID to the DMV and waiting for a replacement.

One legal theory I would like answered is if you can refuse the DL to feds, then would they have to call a local cop to demand your DL by proxy in the scenario of following a legal procedure? This could be interesting because local cops may not be happy to respond to such calls.

Indeed the EU is not worried about marginalising Americans. That is the thesis of the thread. Whether they /should/ give a shit is a separate question. As it stands, there are multinational “accidental Americans” in the EU who have lived in Europe their whole life (with an EU-based nationality). They also get treated as Americans by EU banks despite their other nationality.

PM’s apps perform the encryption on your own device because it’s your device that runs the apps. That is e2ee, but still only in the two scenarios I mention and even then it’s also vulnerable to targeted attack. PM could ship malcious j/s if it wanted (the likely case being to comply with a court order). It’s better if your own non-j/s FOSS MUA handles the crypto, which is actually easier if you don’t use PM.

If mailbox.org works the way anonaddy works, then that’s not e2ee. The msg payload is seen by the server that does the encryption, in the very least. The sender’s ESP would have already seen the msg.

Indeed, which is more reason to not blindly block dynamic IPs.

This page covers CF as a walled garden generally:

https://thefreeworld.noblogs.org/post/2024/03/18/cloudflare-has-created-the-largest-most-rigidly-exclusive-walled-garden-in-the-world/

W.r.t the fedi, Cloudflare blocks Tor and VPNs by default. So if you wanted to run your own Lemmy node, it would be unable to federate to Cloudflare nodes over Tor or VPNs. Lemmy end users are also oppressed by CF because images come from the source and are not cached. So if someone posts an image on a CF node and I use Tor to connect to slrpnk.net, I can only see the text and not the pics.

Users of CF nodes tend to be ignorant about the exclusivity of many clearnet sites, so they often unwittingly post links to tor-hostile sites.

Are you talking about a pure matter of size?

That too. The fedi is designed to make decentralisation /possible/. But obvisouly if network effect causes a majority of people to pile onto a single host, that’s not decentralised. Lemmy was not designed to be smart about this.

There are several node operators who do not give a shit about decentralisation or the balance that that requires. They just want to have a disproportionate amount of power over users so they can control the narrative through selective censorship. So they grow nodes that are obscenely large. Lemmy World goes to the extreme of using Cloudflare to circumvent the natural control of resource limitations, to grow out of control.

Some non-CF nodes also don’t know when to quit new registrations. I track them by calculating the average node size. If a node has more than 2 standard deviations above the avg number of users, I consider them centralised and avoid posting in their communities, just as I avoid posting in Cloudflare’s walled garden.

Consider self-hosting HALF the service. Something like this:

Outbound

local Postfix on dynamic IP → relay (optional and configurable) → recipient

You can configure Postfix to use a relay depending on the recipient. E.g. if you need to reach alice@outlook.com, MS will reject your dynamic IP. But if you have bob@outlook.com, you can tell Postfix to relay via MS servers using your bob@outlook.com account for all *@outlook.com recipients. And yes, you can still use a different vanity address in the FROM: field, like Gobbel2000@nerds.org, if that’s what you want to be known as. You can freetype whatever your want as the FROM: address if you use a good MUA like mutt.

You can even hack postfix to send over Tor. And you can make it possible to support *.onion email addresses, which is something that no non-self-hosted service offers.

When I email someone for the 1st time, say it’s alice@someunknownneverseensvc.xyz, I first configure my mail server to relay to @someunknownneverseensvc.xyz over Tor. If that fails (and it often does), I configure Postfix to directly send to that server from my dynamic IP (or VPN if I have that running). That’s the default, in fact. If that fails, then I can cave-in and compromise my privacy by relaying through a 3rd party, if I choose. Most importantly, I am in control. If I really want to send the msg but I really do not want an additional MitM, I may be able to create an acct on @someunknownneverseensvc.xyz and then use that as a relay to recipients on that host.

Rise-up has an onion SMTP server. So if you have a riseup acct you could use their onion as a relay.

Inbound

(your acct @ rise-up or disroot.org or danwin1210.de or autistici) → POP3 onion using fetchmail → local Postfix → dovecote or procmail → local files read by your MUA of choice

You avoid a lot of complexity and labor by not maintaining a WAN-listening server. Though you still have a fair amount of effort in configuring your junk, you need not do all the configuration up front. You can do it on a piecemeal per-outbound msg basis to spread your config effort out over time. Of course you need to use a forwarding service or do some DNS arrangements if you want an address that does not tie you to an ESP.

This approach relieves you of the reliability problem… you need not maintain a server always online, up, and listening. But of course you lose some privacy because all your inbound traffic is seen by your ESP. At least you can potentially circumvent your ESP on outbound mail.

BTW, you might want to crosspost to !email@lemmy.sdf.org

(update) my complaint with Postfix: no Tor support out of the box

Postfix needs some hacking to get it to work over Tor. As old as Postfix and Tor both are, they should work together out of the box.

side note: downside is, your data there is more snoopable, less so with something like proton.

Can you elaborate? AFAIK, Protonmail only gives e2ee in 2 rare situations:

• Both parties use PM
• The non-PM user has a PGP key and the PM user is competent enough to add the key to their PM address book. (This is where Hushmail is superior to PM, but HM is not gratis)

In all other scenarios (no e2ee), PM traffic and data-at-rest is just as exposed as conventional non-PM.

True, but sending from a static IP that is linked to you yields less privacy. I’ve decided: fuck these email recipients who demand I compromise privacy in order to give them the convenience of relying on IP reputation. Sure, google and MS servers refuse email from me, but I prefer that anyway. I use postal mail for such recipients (and yes, that’s most recipients).

In the decentralised free world:

🗽☯lemmy.sdf.org/c/electronics (67/0) “Electronics”
🗽☯fedia.io/diysolar “DIY Solar”
🥧piefed.blahaj.zone/diy_hrt “DIY HRT”
🥧piefed.social/solarpunk “Solarpunk DIY”
🗽☯krabb.org/c/diy (8/0) “DIY”
🗽☯lemmy.perfecthluxury.store/c/DIY (1/0) “DIY”
🗽☯notdigg.com/c/diy (32/0) “DIY”
🗽☯europe.pub/c/DIY (71/1) “DIY”
🗽☯foros.fediverso.gal/c/maker (58/1) “DIY e Makers”
🗽☯hi-fi.community/c/diy (5/1) “DIY”
🗽☯hilariouschaos.com/c/diy (58/1) “DIY”
🗽☯lemmy.sdf.org/c/synthdiy (192/1) “synthdiy”
🗽☯lemmy.staphup.nl/c/diy_energy (2/1) “DIY wind water energy projects”
🗽☯szmer.info/c/diy (179/1) “DIY, majsterkowanie i takie tam”
🗽☯tech.pr0n.pl/c/electronics (5/2) “Electronics”
🗽☯feddit.uk/c/diy (284/4) “DIY”
🗽☯sopuli.xyz/c/bike_repair_tips (374/29) “Bike Repair Tips and Tricks”
🗽☯discuss.tchncs.de/c/electronics (2631/38) “Electronics”
🗽☯slrpnk.net/c/fixing (950/66) “fixing”
🗽☯beehaw.org/c/diy (8518/184) “Do It Yourself”
🗽☯discuss.tchncs.de/c/askelectronics (3901/326) “Ask Electronics”
🗽☯slrpnk.net/c/diy (3792/500) “DIY”

specifically audio:
🗽☯hi-fi.community/c/audiophile (33/1) “Audiophile”
🗽☯lemmygrad.ml/c/audiophile (115/1) “Audiophile”

There are also DIY / fixing communites on these centralised instances which should be avoided if you value digital sovereignty:

hexbear.net, lemmy.blahaj.zone, lemmy.dbzer0.com, lemmy.ml

^ Those are bad nodes simply because they have grown 2 standard deviations above the mean. Thus growing out of control.

The following are the worst of the worst because they are in Cloudflare’s walled garden:

lemm.ee, lemmit.online, lemmy.ca, lemmy.world, lemmynsfw.com, programming.dev, sh.itjust.works, zerobytes.monster

The transaction data should be treated as sensitive too. But that should not stop them. If banks were technically competent, you would be able to get email-delivered statements that use either PDF’s AES encryption based on a symmetric key, or as an openpgp msg.

As applied to banks it seems not so bad

Certainly in the US it’s a catastrophic shit-show. The law only requires collection of 4 pieces of info, but the same law says “and banks may also collect whatever the hell they want with immunity to damages”. Then US banks lie to their customers and say “we need your annual income because KYC because US Patriot Act”… and people simply believe it. They don’t know the says the bank legally /can/ collect it, but that it’s not legally required.

Then when the data breach happens, the cyber criminals get a huge treasure trove of sensitive data the bank did not need in the 1st place. When the breach is on an outsourced entity, no law in the US requires that outsourced entity to disclose to victims which bank supplied the info. So e.g. Citibank gives your data to corp X to do a some arbitrary service. Then corp X (who you never heard of) sends you a note: “we were breached… sorry… here, have some free credit monitoring through this Cloudflared website”.

Victim: which bank gave you my data?
corp X: (crickets)

It’s astonishingly stupid how many Americans are naïvely okay with that arrangement.

but they keep expanding it to new types of business.

Indeed, VOIP may be next abuse of the KYC anti-privacy model. Why not… if the masses are stupid enough to lick bank’s boots, surely people can be conditioned to go along with tossing their privacy out wherever else KYC manifests from the Orwellian playbook.

All people with a right to live in the EU have a right to a free or reasonable priced bank account.

Not exactly. That’s just a façade in attempt to create the optical illusion of equality. The EU requires member states to support a “basic” bank account, but then the EU looks the other way when they reduce the account capabilities and charge fees. You pay much more for a basic account than for a retail account, and depending on the member state you also loose features and capabilities. Some member states block cash services on basic accounts – thus making them useless in the context of this thread.

So in the end, Americans are still marginalised on the basis of nationality.

The assumption in the leaflet when they say they are protecting surcharges for using cash. They aren’t implying a right to charge more for using cash. Your inferring that.

It’s reality, not inference. Cash payers pay fees that card payers are exempt from.

The leaflet is accurate. Card payers are protected from fees (fees that cash payers are not).

They can’t make that commitment because not all countries use euro in the EU, that’s why there’s no common EU wide solution for cash payment legislation.

The EU absolutely has the power (exclusively, in fact) to prevent surcharging cash. Non-euro countries have more sovereignty in this regard, by choice.

That’s handled by article 62(3) that made it illegal to charge additionally beyond the direct cost of a transaction to merchant themselves.

Sure, but then they say “hiring someone to process your cash is a cost to us”. They have commercial freedom to allocate costs however they please so long as it does not cause an upcharge to card payers.

(edit) note as well that card transactions incur a 0.9% direct charge to the merchant, but they cannot pass that on to the consumer as a surcharge.

And the EU cannot be hold responsible for the wrong Treatment of other nationalities.

Every EU country agreed to make their banks discriminate against Americans through fatca. Of course they are responsible for what they agree to.

With that logic each country must accept every currency because it would limit autonomy otherwise.

You’re not getting it. It’s not USD that’s getting harsh treatment. It’s Americans who try to use EU banks, regardless of currency.

This has nothing to do with Americans.

Nonsense. Read about FATCA.

The assumption is cash doesn’t get charged extra. No rights are being taken away.

Bad assumption. Cash payers are now being charged more, for train and bus tickets for example. A €10 ticket has an extra fee of €12 for paying cash (12 on top of the 10), for example.

Charges associated with useing cash for payments is handled with separate legislation, which is different in different parts of the EU because they use different currencies. Typically dealt with under laws relating to legal tender.

You are apparently unfamiliar with the Rundfunk case in Germany. The EU has exclusive competency over the euro and meaning of legal tender. And no, it does not protect cash payers from surcharges.

They apparently stole the brand of a FOSS router firmware (an openwrt alternative).

Bit annoying that their README does not actually state a basic overview of what their app does. It’s quite hidden in small print above the file list… easily missed.

When Piefed emerged, it was extremely sluggish in my browser and I got the impression that it was lightweight on the server side due to exporting a lot of the work onto the client side. That could be wrong or perhaps it evolved more. That comparison suggests I should have another look.

First of all, you didn’t answer the questions.

But I will answer yours:

Why do people fear downvotes so much?

This is irrelevant and already addressed in Lemmy. Lemmy already has a disable downvotes config option. Beehaw is an example of where that is used. Anyone who outright opposes¹ downvotes can use beehaw.

Silent downvotes are a different matter entirely. There is good reason to oppose silent downvotes. They are a suppressive act that lacks justification, heavily manipulated, and adds negative value and toxicity.

Re: toxicity – silent downvotes are also an assault on dignity as they regard the OP as unworthy of explanation. Then there is the further side-effect of the OP being denied the viewpoint of a (cowardly) opposition and ultimately being denied understanding of the community they are in, which is not conducive to future positive content.

It’s ultimately shitty communication. Like when a bank’s way of communicating to you that your ID card expired on file is to freeze your account. Or when in Office Space they communicate to Marvin he is fired by fixing a payroll glitch. It’s that kind of communication that’s shitty. Bizarre how people actually think this is a sensible way to communicate in a civilised society.

If you don’t like the downvotes, you can use a sorting algorithm that ignores them.

There is no sorting algo that disregards silent downvotes while counting reasoned downvotes.

Also, the power of defaults is a thing. The suppression has effect because of default algos used by the unmeticulous masses. One’s own custom sorting algo could not make a dent in that even if it were magically feasible from the user’s view to associate upvotes to downvotes.

¹ I don’t outright oppose downvotes, but when our blunt options are the default shit-show we have by default or no downvotes, no downvotes is better which is why I use beehaw.